Menu

Blog

10Apr

Why NSX?

There is no doubt that IT organizations have gained significant benefits as a direct result of server virtualization. Tangible advantages of server consolidation include reduced physical complexity, increased operational efficiency, and simplified dynamic pooling of compute and storage resources. These technology solutions have delivered on their promise of helping IT to quickly and optimally meet the needs of increasingly dynamic business applications.

VMware’s Software-Defined Data Center (SDDC) architecture moves beyond the server, extending virtualization technologies across the entire physical data center infrastructure. VMware NSX, the network virtualization platform, is a key product in the SDDC architecture. With VMware NSX, virtualization now delivers for networking what it has already delivered for compute. Layer 2 to layer 7 networking services (e.g., switching, routing, firewalling, and load balancing) can be quickly, flexibly and securely reproduced in software to make today’s IT organization more agile, secure and resilient.

Why would I want to virtualize network services? What’s a use case?

Security & Distributed Firewalling. Existing network security solutions are optimized for perimeter-based defense, but server-to-server traffic (East-West), which represents 80 percent of overall data center traffic, is not inspected by security controls. An attacker who gains access to one server may be able to move freely within the data center after penetrating the perimeter.

A traditional solution to this scenario is to perform all routing on a firewall device to steer VM traffic to the edge of the datacenter. But, hardware firewalls are expensive and impose throughput limits on traffic. This usage of hardware firewalls undermines the performance and low latency of modern, line-rate, Layer 3 switches and routers while increasing latency. VMware NSX is a disruptive approach to data center security: